Thank you Amos. I agree that adding the anchor is generally harmless and
you've chosen your battles wisely.
Also thank you Garri. I must have missed your response confirming the same.
For current squid versions the wiki page is misleading according to all
credible references I can find. Any
he.org] On Behalf
Of Amos Jeffries
Sent: Friday, January 6, 2017 12:06 PM
To: squid-users@lists.squid-cache.org
Subject: Re: [squid-users] ssl_bump with intermediate CA
On 2017-01-06 21:27, senor wrote:
> Thank you for the response but I think my question is still unanswered.
> Comments
On 2017-01-06 21:27, senor wrote:
Thank you for the response but I think my question is still unanswered.
Comments below:
On 1/5/2017 16:57, Bruce Rosenberg wrote:
The cafile option specifies the "chain" file squid should send back to
the client along with the cert, exactly as you would
Thank you for the response but I think my question is still unanswered.
Comments below:
On 1/5/2017 16:57, Bruce Rosenberg wrote:
> The cafile option specifies the "chain" file squid should send back to
> the client along with the cert, exactly as you would normally do with
> Apache httpd or
On Thu, 2017-01-05 at 23:40 +, senor wrote:
> Hello All.
> I'd like clarification of the documentation at
> http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpWithInter
> mediateCA
>
> In section "CA certificate preparation" it is stated that a file
> should
> be created with
The cafile option specifies the "chain" file squid should send back to the
client along with the cert, exactly as you would normally do with Apache
httpd or Nginx.
In the example the generated server cert is depth 0, CA2 is depth 1 and CA1
is depth 2.
If the client has CA1 installed as a trust
Hello All.
I'd like clarification of the documentation at
http://wiki.squid-cache.org/ConfigExamples/Intercept/SslBumpWithIntermediateCA
In section "CA certificate preparation" it is stated that a file should
be created with "intermediate CA2 followed by root CA1 in PEM format".
CA1 is the cert